I am working on a proxy implementation for handling traffic from a set of iOS devices. I have full access to the devices to install my proxy's root certificate on the device and add it as trusted, as to avoid causing SSL verification errors in both safari and in general HTTPS requests made in apps. I've done this several times before so I'm not sure what is different about this specific certificate. I have tried downloading the certificate through safari as hosted by the proxy, and also installing it as a profile pushed through Apple Configurator. In both cases I see the profile with the certificate in the profiles section under Settings->General, but when I go to Settings->General->About->Certificate Trust Settings, the certificate does not appear there as an option to enable as a root certificate.

I have tried this with a couple different certificate/private key pairs when launching the proxy, and I can generate a new one if there is something wrong with the pre-generated one. What might I be missing with this certificate that I can't make iOS trust it?

EDIT: It is worth noting that I can install this same certificate into the keychain on a mac, trust it, and have no SSL issues when using this proxy.

What version of iOS is this? What version of macOS did you ise for comparison? Can you post a cert that doesn’t work?
– SpiffJan 16 '18 at 17:38

Tested on two separate devices. 1 iPhone 5C running 10.3.2, one iPod touch running 11.1.1. Mac is a Mac pro running 10.13.2 As far as the cert goes, it doesn't seem to matter what it is. I made one using the steps outlined here and that doesn't work: codeblog.shape.dk/blog/2014/01/06/… Though when I do set that certificate for use in Charles, and download the certificate from charles, I am able to trust it, but it doesn't resolve SSL issues for some reason
– Dan FJan 16 '18 at 18:09